Assuming you have a key name what is the best way to find the latest version of that key?
I had assumed:
masterKeyVersionIterator := client.ListCryptoKeyVersions(ctx, &kmspb.ListCryptoKeyVersionsRequest{
Parent: masterKeyName,
PageSize: 1,
OrderBy: "createTime desc", // Can't order by "name desc" because it is probably string sort
})
But it seems like only ordering by name is allowed.
So, is the only solution something like this?
masterKeyVersionIterator := client.ListCryptoKeyVersions(ctx, &kmspb.ListCryptoKeyVersionsRequest{
Parent: masterKeyName,
PageSize: 2147483647, // int32 max
})
masterKeyLatest := &kmspb.CryptoKeyVersion{CreateTime: timestamppb.New(time.Time{})}
for {
versionCursor, err := masterKeyVersionIterator.Next()
if err == iterator.Done {
break
}
if err != nil {
log.Fatalln(err)
}
if versionCursor.CreateTime.AsTime().After(masterKeyLatest.CreateTime.AsTime()) {
masterKeyLatest = versionCursor
}
}
(But I believe that is actually not totally correct either because there is a maximum page size that gcloud will send I believe, meaning that you would need to wrap this in another loop iterating the page token)
This is a very inelegant approach, is there no better way?
Assuming you have a key name what is the best way to find the latest version of that key?
I had assumed:
masterKeyVersionIterator := client.ListCryptoKeyVersions(ctx, &kmspb.ListCryptoKeyVersionsRequest{
Parent: masterKeyName,
PageSize: 1,
OrderBy: "createTime desc", // Can't order by "name desc" because it is probably string sort
})
But it seems like only ordering by name is allowed.
So, is the only solution something like this?
masterKeyVersionIterator := client.ListCryptoKeyVersions(ctx, &kmspb.ListCryptoKeyVersionsRequest{
Parent: masterKeyName,
PageSize: 2147483647, // int32 max
})
masterKeyLatest := &kmspb.CryptoKeyVersion{CreateTime: timestamppb.New(time.Time{})}
for {
versionCursor, err := masterKeyVersionIterator.Next()
if err == iterator.Done {
break
}
if err != nil {
log.Fatalln(err)
}
if versionCursor.CreateTime.AsTime().After(masterKeyLatest.CreateTime.AsTime()) {
masterKeyLatest = versionCursor
}
}
(But I believe that is actually not totally correct either because there is a maximum page size that gcloud will send I believe, meaning that you would need to wrap this in another loop iterating the page token)
This is a very inelegant approach, is there no better way?
Share Improve this question asked Feb 21 at 1:26 AidanAidan 4944 silver badges23 bronze badges1 Answer
Reset to default 1// Can't order by "name desc" because it is probably string sort
This isn't true. name is an output only field (documentation) and it's always set to an increasing number.
When sorted, it's done numerically.
An example:
listCryptoKeyVersionsReq := &kmspb.ListCryptoKeyVersionsRequest{
Parent: cryptoKey,
OrderBy: "name desc",
}
it := client.ListCryptoKeyVersions(ctx, listCryptoKeyVersionsReq)
for {
resp, err := it.Next()
if err == iterator.Done {
break
}
if err != nil {
log.Fatalf("Failed to list key rings: %v", err)
}
version, _ := strings.CutPrefix(resp.Name, cryptoKey)
fmt.Printf("key version: %s\n", version)
}
Output:
$ go run main.go
key version: /cryptoKeyVersions/10
key version: /cryptoKeyVersions/9
key version: /cryptoKeyVersions/8
key version: /cryptoKeyVersions/7
key version: /cryptoKeyVersions/6
key version: /cryptoKeyVersions/5
key version: /cryptoKeyVersions/4
key version: /cryptoKeyVersions/3
key version: /cryptoKeyVersions/2
key version: /cryptoKeyVersions/1